f35aa7c2e52aa16d3e72c48fa8c48b8fac35a3c19527712a8c152289f0fc2c10 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

f35aa7c2e5...10.exe

windows7-x64

f35aa7c2e5...10.exe

windows10-2004-x64

1

Sharing

General

Target

f35aa7c2e52aa16d3e72c48fa8c48b8fac35a3c19527712a8c152289f0fc2c10
Size

154KB
Sample

221030-vfdj4sagh5
MD5

82a40bf7b71ff47c553bdaf68a9e18c0
SHA1

914e3b83a6b8fc9fd80a66af203560974016441e
SHA256

f35aa7c2e52aa16d3e72c48fa8c48b8fac35a3c19527712a8c152289f0fc2c10
SHA512

016ac6778c5ad9f84753fb78789202882e321c3631f7c0a5b5c227c691153bf338a45903678caa6a53d40f3c6379d5ca9d4524371b4dfaebe388166f11931c44
SSDEEP

3072:8/jyZMP4k8F/v5p+T/fsSY8vZE6t1a+kD:L845F/L+TJDZ/q

Score

10^/10

evasion persistence

Static task

static1

Behavioral task

behavioral1

Sample

f35aa7c2e52aa16d3e72c48fa8c48b8fac35a3c19527712a8c152289f0fc2c10.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

f35aa7c2e52aa16d3e72c48fa8c48b8fac35a3c19527712a8c152289f0fc2c10.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  f35aa7c2e52aa16d3e72c48fa8c48b8fac35a3c19527712a8c152289f0fc2c10
- Size
  
  154KB
- MD5
  
  82a40bf7b71ff47c553bdaf68a9e18c0
- SHA1
  
  914e3b83a6b8fc9fd80a66af203560974016441e
- SHA256
  
  f35aa7c2e52aa16d3e72c48fa8c48b8fac35a3c19527712a8c152289f0fc2c10
- SHA512
  
  016ac6778c5ad9f84753fb78789202882e321c3631f7c0a5b5c227c691153bf338a45903678caa6a53d40f3c6379d5ca9d4524371b4dfaebe388166f11931c44
- SSDEEP
  
  3072:8/jyZMP4k8F/v5p+T/fsSY8vZE6t1a+kD:L845F/L+TJDZ/q
Score

10^/10

evasion persistence
- Modifies security service
  evasion
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

© 2018-2025

Terms | Privacy